Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Introduction to Linux - A Hands on Guide

This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.

I have a snort, barnyard2, pulled pork IDS with an Aanval web front end. I am trying to get the BPUs of Aanval to run through cron. My limited knowledge is that it uses Perl.

Here are the instructions from the Aanval Wiki to manually start the BPUs:

The Aanval Background Processing Units (BPUs) are responsible for importing events, processing actions, and ensuring the console functions properly. You must start the BPUs in order for the console to operate correctly, and it should be done with root or equivalent privileges. To start the BPUs, change into the /apps directory of your Aanval installation and run the following command:
perl idsBackground.pl -start

Here is my chron entry that doesn’t seem to work:

05 04 * * * perl /var/www/html/aanval/apps/idsBackground.pl -start

I am editing cron with the cli command of sudo crontab -e

Running “/var/www/html/aanval/apps/idsBackground.pl -start” works from the cli.

There should never, ever be any excutable scripts inside the web server's document root. So before going further it would be a good idea to move it to /usr/local/bin/ or /var/www/bin/ or something like that.

There should never, ever be any excutable scripts inside the web server's document root. So before going further it would be a good idea to move it to /usr/local/bin/ or /var/www/bin/ or something like that.

Thanks. The web server root they mention in the instructions refers to /var/www/ on your machine. That is not readable by the world. The document root, which is /var/www/html/ on your machine, is readable by the world via HTTP and/or HTTPS. So scripts should move out of the latter and into the former.

As for the 0777 permissions, those can be fixed but since the tarball is not available for download, so I can't see if they've provided files with incorrect permissions or if that came later. Either way the script should be 0755 or 0555.

Thanks. The web server root they mention in the instructions refers to /var/www/ on your machine. That is not readable by the world. The document root, which is /var/www/html/ on your machine, is readable by the world via HTTP and/or HTTPS. So scripts should move out of the latter and into the former.

As for the 0777 permissions, those can be fixed but since the tarball is not available for download, so I can't see if they've provided files with incorrect permissions or if that came later. Either way the script should be 0755 or 0555.

So, if I put it into /var/www/aanval, would I be able to access the web page? Did I totally install it wrong by putting it in /var/www/html/aanval or is that the correct place and I just need to move scripts elsewhere?

So, if I put it into /var/www/aanval, would I be able to access the web page? Did I totally install it wrong by putting it in /var/www/html or is that the correct place and I just need to move scripts elsewhere?

Thank you for your help on this. Great learning for me.

It should work in /var/www/aanval/ but what kind of output does in produce?

It's hard to say what the scripts produce and where they put it without seeing the actual code and that's not available for general login. In general, /var/www/html/ is a very wrong place for scripts. But the instructions seem a little weird.

It is kind of weird that they say to precede the script with the perl interpreter since the script is executable and the first line points to the interpreter.

It should work in /var/www/aanval/ but what kind of output does in produce?

It's hard to say what the scripts produce and where they put it without seeing the actual code and that's not available for general login. In general, /var/www/html/ is a very wrong place for scripts. But the instructions seem a little weird.

It is kind of weird that they say to precede the script with the perl interpreter since the script is executable and the first line points to the interpreter.

Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory

Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory

Ok. You might take a look at the script. It is probably not so complex. It is looking for a relative path and cron is not using the right directory. One work-around would be to wrap the task in a short shell script and call that from cron instead. There you can include a call to change the working directory.

Ok. You might take a look at the script. It is probably not so complex. It is looking for a relative path and cron is not using the right directory. One work-around would be to wrap the task in a short shell script and call that from cron instead. There you can include a call to change the working directory.

Ok, I made a backup copy of the script and called it idsBackgroundChron.pl. Then everywhere there was a “./“, I filled in the relative path. Should this work? Also, twice in the script there was “../“. What is the difference between ./ and ../?

Quote:

Originally Posted by Turbocapitalist

Again, please see the comments before about moving the scripts out of the public part of the web server's directories.

Yes, I am onboard with this. I just need to get a known working setup before I make changes so I know what effects my changes have.